package com.koron.auth.controller;

import com.koron.auth.aop.LoginLog;
import com.koron.auth.service.AuthService;
import com.koron.auth.service.StaffService;
import com.koron.bean.base.Response;
import com.koron.bean.system.staff.dto.OutStaffBean;
import com.koron.bean.system.staff.vo.EamUser;
import com.koron.common.core.util.StringUtils;
import com.koron.common.core.util.qywx.QywxUtil;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * @ClassName AuthController
 * @description
 * @Author zhouj
 * @Date 2021/7/14 20:08
 */

@RestController
@RequestMapping("/auth")
@RefreshScope
@Api(tags = "认证鉴权")
public class AuthController {

    @Autowired
    AuthService authService;

    @Autowired
    StaffService staffService;

    @Value("${isNeedLogin:false}")
    private Boolean isNeedLogin;//是否需要登录

    @Value("${restrictLogin:false}")
    private Boolean restrictLogin;//是否限制登录方式（非正常登录）


    /*
     * 功能描述 认证登录,后期考虑集成到casH
     * @author zhouj
     * @date 2021/7/14 20:11
     * @param []
     * @return java.lang.String
     */
    @GetMapping("/login")
    public Response<String> login(@RequestParam("account") String account) {

        return authService.login(account);

    }

    @GetMapping("/test")
    public Response<String> test(String str) {

        return Response.ok(str);

    }

    /**
     * 单点登录自登录接口
     *
     * @param ticket
     * @param request
     * @return
     * @throws
     * @throws
     */
    @LoginLog
    @ApiOperation(value = "sso登录后中转")
    @RequestMapping(value = "/ssoLoginRedirect.htm", method = RequestMethod.GET, produces = {"application/json;charset=UTF-8"})
    public void ssoLoginRedirect(@RequestParam("ticket") String ticket, HttpServletRequest request, HttpServletResponse response) throws IOException {
        authService.ssoLoginRedirect(ticket, request, response);
    }

    /**
     * 竹云单点登录自登录接口
     *
     * @param code
     * @param request
     * @return
     * @throws
     * @throws
     */
    @ApiOperation(value = "竹云sso登录后中转")
    @RequestMapping(value = "/iamSsoLoginRedirect.htm", method = RequestMethod.GET, produces = {"application/json;charset=UTF-8"})
    public void iamSsoLoginRedirect(@RequestParam("code") String code, @RequestParam(value = "state", required = false) String state, HttpServletRequest request, HttpServletResponse response) throws IOException {
        authService.iamSsoLoginRedirect(code, request, response);
    }

    /**
     * 珠三角单点登录自登录接口
     * @param request
     * @return
     * @throws
     * @throws
     */
    @ApiOperation(value = "珠三角sso登录后中转")
    @RequestMapping(value = "/zsjSsoLoginRedirect.htm", method = RequestMethod.GET, produces = {"application/json;charset=UTF-8"})
    public void zsjSsoLoginRedirect(@RequestParam("ticket") String ticket, HttpServletRequest request, HttpServletResponse response) throws IOException {
        authService.zsjSsoLoginRedirect(ticket, request, response);
    }

    /**
     * 登陆后查询用户信息及生成token
     *
     * @param ticket
     * @param request
     * @return
     * @throws
     * @throws
     */
    @ApiOperation(value = "sso根据ticket获取登录用户信息")
    @RequestMapping(value = "/getSsoLoginUserInfo.htm", method = RequestMethod.GET, produces = {"application/json;charset=UTF-8"})
    public Response getSsoLoginUserInfo(@RequestParam(value = "ticket", required = false) String ticket,
                                        @RequestParam(value = "account", required = false) String account,
                                        HttpServletRequest request, HttpServletResponse response) throws IOException {

        if (!isNeedLogin && StringUtils.isEmpty(account)) {
            ticket = null;
            account = "test";
        }
        //加入配置，防止在浏览器地址栏恶意登录
        if (isNeedLogin && restrictLogin) {
            account = null;
        }
        return authService.getSsoLoginUserInfo(ticket, account, request, response);
    }

    /**
     * oa登录自登录接口
     *
     * @param request
     * @return
     * @throws
     * @throws
     */
    @ApiOperation(value = "oa登录访问配置链接")
    @RequestMapping(value = "/oaLoginRedirect.htm", method = RequestMethod.GET, produces = {"application/json;charset=UTF-8"})
    public void oaLoginRedirect(@RequestParam("rsaStr") String rsaStr, HttpServletRequest request, HttpServletResponse response) throws IOException {
        authService.oaLoginRedirect(rsaStr, request, response);
    }

    /**
     * 登陆后查询用户信息及生成token
     *
     * @param request
     * @return
     * @throws
     * @throws
     */
    @ApiOperation(value = "oa根据rsaStr获取登录用户信息")
    @RequestMapping(value = "/getOaLoginUserInfo.htm", method = RequestMethod.GET, produces = {"application/json;charset=UTF-8"})
    public Response getOaLoginUserInfo(@RequestParam(value = "rsaStr") String rsaStr,
                                       HttpServletRequest request, HttpServletResponse response) throws IOException {
        return authService.getOaLoginUserInfo(rsaStr, request, response);
    }

    @ApiOperation(value = "外单位登录鉴权")
    @PostMapping("/outStafflogin")
    public Response<Object> outStafflogin(@RequestBody OutStaffBean outStaffBean) {
        return authService.outStafflogin(outStaffBean);
    }

    @ApiOperation(value = "企业微信中小程序登录鉴权")
    @PostMapping("/qy/miniProgramLogin")
    public Response<EamUser> miniProgramLogin(@RequestParam String code, HttpServletRequest request, HttpServletResponse response) {
        //根据code调取接口
        return authService.miniProgramLogin(code, request, response);
    }


    @ApiOperation(value = "企业微信OAuth2网页登录鉴权")
    @PostMapping("/qy/oAuth2Login")
    public Response<EamUser> oAuth2Login(@RequestParam String code, HttpServletRequest request, HttpServletResponse response) {
        //根据code调取接口
        return authService.oAuth2Login(code, request, response);
    }

    @ApiOperation(value = "清空缓存企业微信token")
    @PostMapping("/qy/clearToken")
    public Response<String> clearToken() {
        //根据code调取接口
        QywxUtil.clearToken();
        return Response.ok("清理成功");
    }

    /**
     * oa登录自登录接口
     *
     * @param ticket
     * @param request
     * @return
     * @throws
     * @throws
     */
    @ApiOperation(value = "企业微信消息点击链接跳转免登陆")
    @RequestMapping(value = "/qywxMessageLogin.htm", method = RequestMethod.GET, produces = {"application/json;charset=UTF-8"})
    public void qywxMessageLogin(@RequestParam("redirectUrl") String redirectUrl, @RequestParam("code") String code, HttpServletRequest request, HttpServletResponse response) throws IOException {
        authService.qywxMessageLogin(redirectUrl, code, request, response);
    }

    @ApiOperation(value = "验证远程支持登录并提供token")
    @GetMapping(value = "/remoteLogin")
    public void remoteLogin(String encryption, String account, HttpServletResponse response)  throws IOException {
        authService.decrypt(encryption, account, response);
    }
}
